From 3dd7b432237e5b3bb29832b10bd3c767fe02f4c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=F0=9F=A6=AB=20Rastislav=20=C5=A0varba?=
Date: Tue, 9 Nov 2021 08:56:14 +0100
Subject: [PATCH] Remove CVE-2021-23369 finding for modules using CLI `handlebars@4.7.7` is already in the yarn.lock, but when TSOA is imported, yarn audit finds this issue, based on version in package.json version https://github.com/advisories/GHSA-f2jv-r9rf-7988
---
 packages/cli/package.json | 2 +-
 yarn.lock | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/packages/cli/package.json b/packages/cli/package.json
index 872d337ba..eccb947ba 100644
--- a/packages/cli/package.json
+++ b/packages/cli/package.json
@@ -31,7 +31,7 @@
 "deepmerge": "^4.2.2",
 "fs-extra": "^8.1.0",
 "glob": "^7.1.6",
- "handlebars": "^4.7.6",
+ "handlebars": "^4.7.7",
 "merge": "^2.1.0",
 "minimatch": "^3.0.4",
 "typescript": "^4.1.2",
diff --git a/yarn.lock b/yarn.lock
index a345c78ba..0cbd7456b 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3575,7 +3575,7 @@ growl@1.10.5:
 resolved "https://registry.yarnpkg.com/growl/-/growl-1.10.5.tgz#f2735dc2283674fa67478b10181059355c369e5e"
 integrity sha512-qBr4OuELkhPenW6goKVXiv47US3clb3/IbuWF9KNKEijAy9oeHxU9IgzjvJhHkUzhaj7rOUD7+YGWqUjLp5oSA==
 
-handlebars@^4.7.6:
+handlebars@^4.7.6, handlebars@^4.7.7:
 version "4.7.7"
 resolved "https://registry.yarnpkg.com/handlebars/-/handlebars-4.7.7.tgz#9ce33416aad02dbd6c8fafa8240d5d98004945a1"
 integrity sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==